This is a security vulnerability. I can't say much about what tool we are using to check security issues in our repo,
but the tool is showing some issues with HIGH status.
Security vulnerability
Gin-Gonic Gin contains a reflected file download attack that sets the Content-Disposition header of a response when the filename is derived from user-supplied input. A remote attacker could leverage this to allow specially crafted files to be downloaded from a trusted domain.
How to reproduce
Not sure
Expectations
The vulnerability should be resolved
Environment
go version: 1.20
gin version (or commit ref): 1.19
operating system: Linux (we use Docker)
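The finding above concerns a `Content-Disposition` filename built from user-supplied input. The following Go sketch shows one way to constrain such a filename before it reaches the header; it is an added example, not code from Gin or from the reporter, and `SanitizeDownloadName`, `ContentDisposition` and the extension allow-list are hypothetical names and assumptions.

```go
package main

import (
	"fmt"
	"mime"
	"path"
	"strings"
)

// allowedExt is an assumed allow-list; list only the types the service really serves.
var allowedExt = map[string]bool{".pdf": true, ".csv": true, ".txt": true, ".png": true}

// SanitizeDownloadName (hypothetical helper) reduces a user-supplied name to a
// filename that is safe to echo into Content-Disposition.
func SanitizeDownloadName(raw string) string {
	// Drop any directory part, treating "\" like "/".
	name := path.Base(strings.ReplaceAll(raw, `\`, "/"))
	// Keep a conservative ASCII allow-list: this removes quotes, ";", "=",
	// CR/LF and other characters that could alter the header's structure.
	var b strings.Builder
	for _, r := range name {
		switch {
		case r >= 'a' && r <= 'z', r >= 'A' && r <= 'Z', r >= '0' && r <= '9',
			r == '-', r == '_', r == '.', r == ' ':
			b.WriteRune(r)
		}
	}
	name = strings.Trim(b.String(), " .")
	rawExt := path.Ext(name)
	ext := strings.ToLower(rawExt)
	// Flatten inner dots so only one extension remains, then enforce the allow-list.
	stem := strings.ReplaceAll(strings.TrimSuffix(name, rawExt), ".", "_")
	if stem == "" || !allowedExt[ext] {
		return "download.bin" // fixed fallback: the caller never controls the type
	}
	return stem + ext
}

// ContentDisposition builds the header value; mime.FormatMediaType does the quoting.
func ContentDisposition(raw string) string {
	return mime.FormatMediaType("attachment",
		map[string]string{"filename": SanitizeDownloadName(raw)})
}

func main() {
	// Constructed sample inputs.
	for _, in := range []string{"Q3 report.PDF", `..\..\evil.cmd`, "setup.bat;.pdf"} {
		fmt.Printf("%q -> %s\n", in, ContentDisposition(in))
	}
}
```

In a Gin handler the returned value would be passed to `c.Header("Content-Disposition", ...)` in place of a header assembled directly from request data.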